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AMENDMENTS 

The following listing of Claims will replace all prior versions and listing of claims 
in the application. 

1. (currently amended) A method for providing a first network resource operating 
on a first network device access to a second network resource operating on a second 
network device, comprising: 

from a third network device, locating a profile using profile data obtained from a 
client device, the profile containing data for identifying and for accessing the second 
network resource; 

from the third network device, supplying the profile to the second network 
resource; 

at from the third network device, receivingrfrom tho cocond notwofk-feeeweer 
temporary credentials for accessing the second network resource and generated 
according to the profile, the temporary crede ntials beino evicted from the mm nri 
network resource- and 

from the third network device, providing the first network resource with the 
temporary credentials so that the first network resource can provide the second network 
resource with the temporary credentials to access and interact with the second network 
resource on behalf of the client device. 

2. (original) The method of Claim 1 , further comprising the act of invalidating the 
temporary credentials following a termination event. 

3. (original) The method of Claim 2, wherein the termination event involves the 
lapse of a set time period. 

4. (previously presented) The method of Claim 2, wherein the termination event 
involves the first network resource accessing the second network resource. 
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5. (currently amended) The method of Claim 1 , wherein the temporary 
credentials that-provide the first network resource with limited access to the second 
network resource. 

6. (currently amended) A method for enabling an application server to access a 
data service, the application server operating on a first network device and the data 
sen/ice operating on a second network device, the method comprising: 

the application server instructing a client device to provide profile data to an 
identification service operating on a third network device, the identification service 
having access to one or more profiles used to access one or more data services 
including the data service operating on the second network device, the profile data 
identifying a particular profile; 

the identification service locating the particular profile using the profile data 
received from the client device, the profile containing data for identifying and for 
accessing the data service; 

the identification service providing the profile to the data service; 

the data service generating temporary credentials for accessing the data service 
identified by the particular profile and providing the temporary credentials to the 
identification service : and 

the application server obtaining the temporary credentials from the identification 
service and providing the data service with the temporary credentials to access and 
interact with the data service on behalf of the client device. 

7. (previously presented) The method of Claim 6, wherein the act of instructing 
the client device includes providing a user interface that includes instructions to send 
profile data to the identification service, and sending the interface to the client device. 

8. (previously presented) The method of Claim 6, wherein the act of instructing 
the client device comprises redirecting the client device to the identification service. 
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9. (original) The method of Claim 6, further comprising the act of invalidating the 
temporary credentials following a termination event. 

10. (original) The method of Claim 6, wherein the act of generating temporary 
credentials comprises generating temporary credentials that provide limited access to 
the data service. 

1 1 . (previously presented) The method of Claim 6, further comprising the 
application server generating a framed web page having a first frame and a second 
frame, and providing, for the first frame, content for directing an application, and 
providing, for the second frame, content for selecting one or more electronic files 
managed by the data service identified by the particular profile. 

12. (previously presented) The method of Claim 1 1 , further comprises the client 
device sending a cookie identifying the particular profile upon opening the framed web 
page. 

13. (previously presented) The method of Claim 1 1 , wherein the act of 
generating an interface includes generating an interface that includes instructions to 
request a web bug from the identification service, the method further comprising the 
client device requesting the web bug, the request including a cookie identifying the 
particular profile. 

14. (currently amended) A method for enabling an application server to access a 
data service, the application server operating on a first network device and the data 
service operating on a second network device, the method comprising: 

the application server receiving, from a client device, a request to direct an 
application; 

the application server instructing the client device to provide profile data to an 
identification service operating on a third network device, the identification service 
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having access to one or more profiles for identifying and accessing one or more data 
services, the profile data identifying a particular profile; 

the identification service providing the data service with the particular profile 
identified by the profile data, the profile containing data for identifying and accessing the 
data service; 

the data service using the profile to generate temporary credentials for accessing 
the data service and providing the temporary credentials to the identification service ; 
and 

the application server obtaining the temporary credentials from the identification 
service and p roviding the data service with the temporary credentials to access and 
interact with the data service on behalf of the client device.. 

15. (previously presented) The method of Claim 14, wherein the act of instructing 
the client device includes generating a user interface that includes instruction to send 
profile data to the identification service, and sending the interface to the client device. 

16. (previously presented) The method of Claim 14, wherein the act of instructing 
the client device comprises redirecting the client device to the identification service. 

17. (original) The method of Claim 14, further comprising the act of invalidating 
the temporary credentials following a termination event. 

18. (previously presented) The method of Claim 14, wherein the act of using the 
profile to generate temporary credentials comprises generating temporary credentials 
that provide limited access to the data service. 

19. (previously presented) The method of Claim 14, further comprising the 
application server generating a framed web page having a first frame and a second 
frame, the method further comprising providing, for the first frame, content for directing 
an application, and providing, for the second frame, content for selecting one or more 
electronic files managed by the data service identified by the particular profile. 
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20. (previously presented) The method of Claim 19, wherein the act of 
generating the framed web page includes generating a framed web page that includes 
instructions to request a web bug from the identification service, and wherein the act 
instructing the client device includes the client device requesting the web bug upon 
opening the framed web page, the request including a cookie identifying the particular 
profile, 

21 . (currently amended) A computer readable medium having instructions for: 
from a third network device, locating a profile using profile data obtained from a 

client device, the profile containing data for identifying and for accessing a second 
network resource operating on a second network device.; 

from the third network device, supplying the profile to the second network 
resource; 

at the third network device receiving r from - th e s e cond n e twork r e sourc e , 
temporary credentials for accessing the second network resource and generated 
according to the profile , the temporary credentials_beinq_provided from the second 
network resource : and 

from the third network device, providing a first network resource operating on a 
first network device with the temporary credentials so that the first network resource can 
provide the second network resource with the temporary credentials to access and 
interact with the second network resource on behalf of the client device. 

22. (original) The medium of Claim 21 , further having instructions for invalidating 
the temporary credentials following a termination event. 

23. (original) The medium of Claim 22, wherein the termination event involves 
the lapse of a set period of time. 

24. (original) The medium of Claim 22, wherein the termination event involves 
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25. (currently amended) The medium of Claim 21, wherein the temporary 
credentials provide limited access to the second network resource. 

26. (currently amended) A computer readable medium having instructions for: 
from a first network device, instructing a client device to provide profile data to an 

identification service operating on a third network device, the identification service 
having access to one or more profiles used to access one or more data services, the 
profile data identifying a particular profile; 

from the third network device, locating the particular profile using the profile data 
obtained from the client device, the profile containing data for identifying and for 
accessing a data service operating on a second network device; 

from the second network device, generating temporary credentials for accessing 
the data service identified by the particular profile and providing the temporary 
credentials to the third network device : and 

frem at the first network device, obtaining the temporary credentials from the 
third network device and providing the data sen/ice with the temporary credentials to 
access and interact with the data service operating on a second network device on 
behalf of the client device. 

27. (previously presented) The medium of Claim 26, wherein the instructions for 
instructing the client device include instructions for generating a user interface that 
includes instruction to send profile data to the identification service, and sending the 
interface to the client device. 

28. (previously presented) The medium of Claim 26, wherein the instructions for 
instructing the client device comprise instructions for redirecting the client device to the 
identification service. 
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29. (previously presented) The medium of Claim 26, wherein the instructions for 
generating temporary credentials comprise instructions for generating temporary 
credentials that provide limited access to the data service. 

30. (previously presented) The medium of Claim 26, having further instructions 
for generating a framed web page having a first frame and a second frame and 
providing, for the first frame, content for directing an application, and providing, for the 
second frame, content for selecting one or more electronic files managed by the 
accessed data service, 

31. (original) The medium of Claim 30, wherein the instructions for generating 
the framed web page include instructions for generating a framed web page that 
includes instructions to request a web bug from the identification service, the request to 
include a cookie identifying the particular profile. 

32. (currently amended) A computer readable medium having instructions for 
from a third network device, generating an interface having user accessible 

controls for creating a profile for accessing a data service operating on a second 
network device; 

from the third network device, creating a profile according to selections made 
through the interface the profile containing data for identifying and accessing the data 
service; and 

from the third network device: 

providing a client device with profile data identifying a created 

profile; 

upon receiving the profile data from the client device, retrieving a 
profile identified by the profile data; 

generating temporary credentials for accessing the data service 
identified by the retrieved profile; and 
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providing an application server operating on a first network device 
with the temporary credentials for accessing and interacting with the data 
service on behalf of the client device. 



from th e third n e twork d e v i o e r providing - a - client< te^e^A/ittvfiPQ fil e- d a ta 
id e ntify i ng - a - created - profil e ? 

uponHgreMng-p^ i d e ntifi e d by th e profil e data 

§9ne ra ti n g4empo rarY - cre dei^s i d e ntifi e d by th e 

FetFieved^fofjlef-aftd 



th e- cli e nt - d e vic er 

33. (previously presented) The medium of Claim 32, further comprising 
instructions for invalidating the temporary credentials following a termination event. 

34. (previously presented) The medium of Claim 33, wherein the termination 
event involves the lapse of a set time period. 

35. (previously presented) The medium of Claim 33, wherein the termination 
event involves accessing the data service. 

36. (previously presented) The medium of Claim 32, wherein the instructions for 
generating temporary credentials comprise instructions for generating temporary 
credentials that provide limited access to the data service. 

37. (previously presented) The medium of Claim 32, wherein the instructions for 
providing a client device with profile data comprise instructions for generating a cookie 
containing data identifying the created profile and instructing a web browser operating 
on the client device to save the cookie. 
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38. (currently amended) A computer readable medium having instructions for: 
generating, at a third network device, a profile interface having user accessible 

controls for creating a profile for locating and accessing a data service operating on a 
second network device; 

from the third network device, creating a profile according to selections made 
through the profile interface, the profile containing data for identifying and accessing the 
data sen/ice; 

from the third network device, providing a client device with profile data 
identifying a created profile; 

receiving, at a first network device, a request to access an application; 
from the first network device, instructing a client device to send profile data; 
receiving the profile data at the third network device; 

from the third network device, retrieving a profile identified by the profile data; 

generating, at the second network device, temporary credentials for accessing a 
data service identified by the retrieved profile and providing the temporary credentials to 
the third network device ; and 

from at the first network device, obtaining the temporary credentials from the 
third netwo rk device and providing the data service with the temporary credentials to 
access and interact with the data service on behalf of the client device. 

39. (previously presented) The medium of Claim 38, wherein the instructions for 
instructing the client device include instructions for generating a user interface that 
includes instruction to send profile data, and sending the interface to the client device. 

40. (previously presented) The medium of Claim 38, wherein the instructions for 
instructing the client device comprise instructions for redirecting the client device. 

41. (original) The medium of Claim 38, wherein the instructions for generating 
temporary credentials comprise instructions for generating temporary credentials that 
provide limited access to the data service. 
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42. (previously presented) The medium of Claim 38, having further instructions 
for generating a framed web page having a first frame and a second frame, the medium 
having further instructions for providing, for the first frame, content for directing the 
application, and providing, for the second frame, content for selecting one or more 
electronic files managed by the accessed data service. 

43. (previously presented) The medium of Claim 42, wherein the instructions for 
providing a client device with profile data comprise instructions for providing the client 
device with a cookie, and wherein the instructions for generating the framed web page 
include instructions for generating a framed web page that includes instructions to 
request a web bug from the identification service, the request to include the cookie. 

44. (currently amended) A system for providing a first network resource operating 
on a first network device with access to a second network resource operating on a 
second network device, comprising: an identification service operating on a third 
network device, the identification service in network communication with a credential 
module, the credential module operating on the second network device and operable to 
use a profile acquired by the identification service to generate temporary credentials for 
accessing the second network resource, the identification service being operable to 
receive profile data from a client device and T to acquire a profile identified by the profile 
data, the credential module and the identification service, together being operable to 
provide the first network resource with the temporary credentials enabling the first 
network resource to provide the second network resource with the temporary 
credentials to access and interact with the second network resource on behalf of the 
client device. 



45. (original) The system of Claim 44, wherein the credential module is further 
operable to invalidate the temporary credentials following a termination event. 

46. (original) The system of Claim 45, wherein the termination event involves the 
lapse of a set time period. 
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47. (original) The system of Claim 45, wherein the termination event involves the 
first server accessing the second server. 

48. (previously presented) The system of Claim 44, wherein the credential 
module is further operable to generate temporary credentials that provide limited 
access to the second network resource. 

49. (currently amended) A system for accessing a data service operating on a 
second network device comprising: 

an identification service, operating on a third network device, operable to receive 
profile data from a client device identifying a particular profile and to provide that profile, 
the profile to contain electronic data used to identify the data service; 

a credential module, operating on the second network device, operable to obtain 
the profile from the identification service, generate temporary credentials, and map 
those credentials to the data service identified by the profile and to provide the 
temporary credentials to the identification service ; and 

an application server, operating on a first network device, operable to serve an 
interface containing instructions to send profile data to the identification service, to 
obtain the temporary credentials from ,the_ identification service , and to provide the data 
service with the temporary credentials to access and interact with the data service on 
behalf of the client device. 

50. (original) The system of Claim 49, wherein the credential module is further 
operable to invalidate the temporary credentials following a termination event. 

51 . (original) The system of Claim 49, further comprising: 

an application content provider in communication with the application server and 
operable to generate content for directing an application; and 
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a data content provider in communication with the application server and 
operable to generate content for selecting electronic files managed by the accessed 
data service. 

52. (original) The system of Claim 51, wherein the application server is operable 
to create the interface in the form of a framed web page having a first frame for 
displaying the content generated by the application content provider and a second 
frame for displaying the content generated by the data content provider, the framed 
web page also including instructions to request a web bug from the identification 
service, the request to include the profile data. 

53. (original) The system of Claim 51 , further comprising a web browser operable 
to request and display the interface in the form of the framed web page and to request 
the web bug providing the profile data to the identification service. 

54. (currently amended) A system for accessing a data service operating on a 
second network device, the system comprising: 

an identification service operating on a third network device and operable to 
generate a profile interface having user accessible controls for creating a profile 
containing electronic data used to identify the data service, to create a profile using 
selections made through the profile interface, to issue instructions to store profile data 
used to access the created profile, to receive, from a client device, profile data 
identifying a particular profile, and to provide that profile; 

a credential module operable to obtain the profile from the identification service, 
generate temporary credentials, and map those credentials to the data service 
identified by the profile and to provi de the temporary credentials to the identification 
service : and 

an application server operating on a first network device and operable to serve 
an application interface that includes instructions to send profile data to the 
identification service, to obtain the temporary credentials from the identification service . 
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and to provide the data service with the temporary credentials to access and interact 
with the data service on behalf of the client device. 

55. (original) The system of Claim 54, wherein the credential module is further 
operable to invalidate the temporary credentials following a termination event. 

56. (original) The system of Claim 54, further comprising: 

an application content provider in communication with the application server and 
operable to generate application content for directing an application; and 

a data content provider in communication with the application server and 
operable to generate data content for selecting electronic files managed by the 
accessed data service. 

57. (original) The system of Claim 56, wherein the application server is operable 
to create the application interface in the form of a framed web page having a first frame 
for displaying the content generated by the application content provider and a second 
frame for displaying the content generated by the data content provider, the framed 
web page also including instructions to request a web bug from the identification 
service, the request to include the profile data, 

58. (original) The system of Claim 54, further comprising a browser operable to 
request and display the profile and application interfaces. 

59. (previously presented) A system for accessing data, comprising: 

a means for generating a profile interface having user accessible controls for 
creating a profile containing electronic data used to identify a particular data service 
operating on a second network device; 

a means for creating a profile using selections made through the profile 
interface; 

a means for issuing instructions to store profile data used to access the created 

profile; 
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a means for receiving, from a client device, profile data identifying a particular 

profile; 

a means for providing the particular profile; 
a means for generating temporary credentials; 

a means for mapping the temporary credentials to the data service identified by 
the provided profile; 

a means for serving an application interface that includes instructions to send 
profile data to an identification service operating on a third network device; 

a means for providing, from a first network device, the data service with the 
temporary credentials to access and interact with the data service on behalf of the client 
device; and 

a means for invalidating the temporary credentials. 
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